<?php
/**
 * A rail_user can connect via a rail_connector to this rail tree. All rail objects has a rail_user as owner.
 *
 * PHP versions 5
 *
 * Copyright (C)
 * This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty
 * of ERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software
 * Fundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110, USA
 *
 * @author Bastian Schröder <bs@chemanet.de>
 * @version 2007-10-23
 * @package rail
 */
class rail_user extends rail_object {

	/**
	 * Attributes which are not writeable from outside. The array contains only the name
	 * of protected attributes not the attribute itself.
	 *
	 * @var array
	 */
	protected $protected_attributes = array( OBJ_TIME_CREATE, OBJ_TIME_LASTWRITE, OBJ_NAME, RAIL_PASSWD );


	/**
	 * Delete object and recrusiv the inventory. Returned false, if one ore more object can't deleted.
	 * The root and guest user can't deleted. The user loged in at actual rail_connector can't deleted.
	 *
	 * @exception rail_writepermission_exception
	 * @return bool
	 */
	public function delete () {
		if( $this->rail_connector->get_user()->get_id() == $this->get_id() )
			throw new rail_writepermission_exception( $this, 'Can\'t delete yourself!' );
		if( $this->get_name() == "root" || $this->get_name() == "guest" )
			throw new rail_writepermission_exception( $this, 'Can\'t delete ' . $this->get_name() . '!' );

		// change user for all rail_objects owned by this user
		$data = $this->rail_connector->send_request( "SELECT objects.`id` FROM objects, objects_attributes WHERE objects.`id`=objects_attributes.`object` AND objects.`type`='RAIL_USER' AND objects_attributes.`attribute`='OBJ_NAME' AND objects_attributes.`value`='root' LIMIT 1" )->fetch_assoc();
		$this->rail_connector->send_request( "UPDATE objects SET `user`='" . $data['id'] . "' WHERE `user`='" . $this->get_id() . "' AND `id`<>'" . $this->get_id() . "'" );

		return parent::delete();
	}


	/**
	 * Copy user. Return copyed user.
	 *
	 * @exception rail_readpermission_exception
	 * @param rail_object $pRailObject
	 * @return rail_object
	 */
	public function copy ( $pRailObject ) {
		$copy = parent::copy( $pRailObject );

		// update OBJ_NAME beacause two users can't have the same name
		$rail_type = $this->rail_connector->send_request( "UPDATE objects_attributes SET value='" . $copy->get_name() . "#" . $copy->get_id() . "' WHERE `object`=" . $copy->get_id() . " AND `attribute`='OBJ_NAME' LIMIT 1" );

		return rail_factory::get_object( $this->rail_connector, $copy->get_id() );
	}


	/**
	 * Get all rail_group objects in witch this rail_user is a member. Returned a array of rail_group.
	 *
	 * @exception rail_readpermission_exception
	 * @return array
	 */
	public function get_memberships () {
		// check read permission
		if( !$this->is_readable( $this->rail_connector->get_user() ) )
		 	throw new rail_readpermission_exception( $this );

		return array_merge( array($this->get_group()), $this->get_relations( RAIL_MEMBERSHIP ) );
	}


	/**
	 * Get password, of course crypted.
	 *
	 * @exception rail_readpermission_exception
	 * @return string
	 */
	public function get_passwd () {
		// check read permission
		 if( !$this->is_readable( $this->rail_connector->get_user() ) )
		 	throw new rail_readpermission_exception( $this );

		return $this->get_attribute( RAIL_PASSWD );
	}


	/**
	 * Set user name.
	 * In every inventory can only one user with the same name. The root and guest user can't rename.
	 *
	 * @exception rail_writepermission_exception
	 * @param string $pName.
	 */
	public function rename ( $pName ) {
		// check write permission
		if( !$this->is_writeable( $this->rail_connector->get_user() ) )
		 	throw new rail_writepermission_exception( $this );

		$name = trim( $pName );

		if( $this->cache[ 'attributes' ][ OBJ_NAME ] == $name )
			return;

		// can't rename root or guest account
		if( $this->get_name() == 'root' || $this->get_name() == 'guest' )
			throw new rail_writepermission_exception( $this, 'Can\'t rename ' . $this->get_name() . '!' );

		// check wheather the new name already exist
		$data = $this->rail_connector->send_request( "
			SELECT
				objects.`id`, objects_attributes.`value` as `name`
			FROM
				objects,objects_attributes
			WHERE
				objects.`id`=objects_attributes.`object` AND objects_attributes.`attribute`='OBJ_NAME' AND objects.`type`='RAIL_USER'
		" );
		while( $data_row = $data->fetch_assoc() ){
			if( $data_row['name'] != $name )
				continue;

			throw new rail_writepermission_exception( $this, "Rename failed. User $name already exist!" );
		}

		// write to databases
		$this->rail_connector->send_request( "UPDATE objects_attributes SET `value`='$name' WHERE `object`='" . $this->get_id() . "' AND `attribute`='OBJ_NAME'" );
		$this->cache[ 'attributes' ][OBJ_NAME] = $name;
	}


	/**
	 * Set user passwd.
	 * The guest password can't change.
	 *
	 * @exception rail_writepermission_exception
	 * @param string $pPasswd
	 */
	public function set_passwd ( $pPasswd ) {
		// check write permission
		 if( !$this->is_writeable( $this->rail_connector->get_user() ) )
		 	throw new rail_writepermission_exception( $this );

		if( $this->get_name() == 'guest' )
			throw new rail_writepermission_exception( $this, 'Can\'t change guest\'s password!' );

		$passwd = md5( $pPasswd );

		// write to databases
		$this->rail_connector->send_request( "UPDATE objects_attributes SET `value`='$passwd' WHERE `object`='" . $this->get_id() . "' AND `attribute`='RAIL_PASSWD'" );

		// update attribute cache
		$this->cache[ 'attributes' ][ RAIL_PASSWD ] = $passwd;
	}

} // End of rail_user
?>